DUBLIN, Ireland: TikTok Technology Limited (TTL) has received a €345 million fine from the Data Protection Commission (DPC) of Ireland after an investigation into its processing of children's data.
The DPC probe focused on TTL's privacy settings and features and compliance with the European Union's General Data Protection Regulation.
The inquiry assessed age verification during registration and handling of children's data by the Chinese-owned video-sharing platform from July 31 to December 31, 2020. During this period, child users were directed through the registration process in a way that automatically set their accounts to public and allowed public comments by default.
The DPC also noted that the Family Pairing feature could link child users' accounts with unverified non-child accounts. These non-child accounts had the authority to enable direct messages for child users aged 16 years and above, thus making the feature less strict for child users.
The investigation also looked into TTL's transparency obligations, including the extent of information provided to child users regarding default settings.
The DPC issued a reprimand and ordered TTL to align its processing practices with specified actions within three months, imposing administrative fines totaling €345 million.
A spokesperson for TikTok said, "We respectfully disagree with the decision, particularly the level of the fine imposed.
"The DPC's criticisms are focused on features and settings that were in place three years ago and that we made changes to well before the investigation even began, such as setting all under 16 accounts to private by default."
TikTok's case is part of a series of fines levied by the DPC against major social media companies. Meta Ireland, Facebook's parent company, was fined €390 million for EU data privacy breaches earlier this year. In January, WhatsApp faced over €5 million in fines for data protection violations, and Instagram was fined €405 million last year for its handling of teenagers' personal data.